Documentation

Complete guide to protecting your crypto exchange with ShadowStack's threat monitoring

Quick Start Guide
Get up and running with ShadowStack in 5 minutes
1

Sign up for an account

Create your ShadowStack account and choose a plan

2

Add your hot wallet addresses

Go to Dashboard → Targets and add the wallet addresses you want to monitor

3

Configure notifications

Set up email alerts and webhook integrations in Settings

4

Monitor threats

View real-time alerts in your dashboard and receive notifications

Our Mission

ShadowStack protects crypto exchanges and DeFi platforms by monitoring the dark web and public channels for threats against your hot wallets. We scan Telegram channels, Discord servers, and other platforms where hackers discuss potential targets, giving you early warning before attacks happen.

What are Hot Wallets?

Hot wallets are cryptocurrency wallets connected to the internet, used by exchanges for daily operations like processing withdrawals and trades. Unlike cold storage, hot wallets are vulnerable to online attacks because they're always connected. This makes them prime targets for hackers who monitor these addresses for large balances or suspicious activity.

How We Detect Threats

Our AI-powered system continuously scans public Telegram channels, Discord servers, and dark web forums where hackers share information about potential targets. We look for mentions of your wallet addresses, domain names, and other sensitive assets, alerting you immediately when threats are detected.

Supported Blockchain Networks

We monitor wallet addresses across major blockchain networks including Bitcoin (BTC), Ethereum (ETH), Binance Smart Chain (BSC), Solana (SOL), and TRON (TRX). Our system automatically detects the blockchain type when you add a wallet address.

API Reference
Integrate ShadowStack into your existing security infrastructure

Authentication

Authorization: Bearer YOUR_API_KEY

Get your API key from Dashboard → Settings → API Keys

Endpoints

GET
/api/alerts

Retrieve all security alerts for your account

Returns: Array of alert objects with timestamp, severity, and details

POST
/api/wallets

Add a new wallet address for monitoring

{ address: string, label?: string, network?: string }
GET
/api/threats

Get current threat intelligence data

Returns: Real-time threat data from monitored channels

POST
/api/webhooks

Configure webhook notifications

{ url: string, events: string[], secret?: string }
Security Best Practices

Wallet Address Management

  • • Only add hot wallet addresses that are actively used
  • • Use descriptive labels to identify each wallet's purpose
  • • Regularly review and remove unused wallet addresses
  • • Monitor both incoming and outgoing transactions

Alert Response

  • • Respond to critical alerts within 15 minutes
  • • Have an incident response plan ready
  • • Consider moving funds when threats are detected
  • • Document all security incidents for analysis

Integration Security

  • • Keep API keys secure and rotate them regularly
  • • Use webhook secrets to verify payload authenticity
  • • Implement rate limiting on your webhook endpoints
  • • Monitor API usage for unusual patterns

Need Help?

Our team is here to help you implement ShadowStack successfully

Browse Help CenterContact Support